<?php  if (!defined('BASEPATH')) exit('No direct script access allowed');
/**
 * Project: Vietsam
 * Package Model
 * Class: Access_model
 * Author: Khoi Pham		email: pmkhoi@gmail.com
 * Created on Dec 30, 2008
 * Updated on Dec 30, 2008
 *  
 **/
class  Access_model extends CI_Model
{
	/**
	 * @var unknown_type
	 */
	var $id_profile  ;  
	/**
	 * @var unknown_type
	 */
	var $id_tab  ;  
	/**
	 * @var unknown_type
	 */
	var $view  ; 
	/**
	 * @var unknown_type
	 */
	var $add  ;  
	/**
	 * @var unknown_type
	 */
	var $edit;
	/**
	 * @var unknown_type
	 */
	var $delete;
	/**
	 * @var unknown_type
	 */
	
	function __construct()
	{
		parent::__construct();
	}

        function Access_model()
	{
		parent::__construct();
	}
	
	function insert($id_profile, $id_tabs){
		if(is_array($id_tabs)){
			$sql = "INSERT INTO gtb_access " .
					"( id_profile, id_tab, " .
					"`view`, `add`, `edit`, `delete`) " .
					"VALUES ";
			for($i = 0; $i < count($id_tabs); $i++){
				//$category = $categories[$i];
				
				if($id_profile == 1)
					$sql .= "(" .
						 intval($id_profile).", " .
						 intval($id_tabs[$i]).", " .
						 1 .", " .
						 1 .", " .
						 1 .", " .
						 1 .
						"),";
				else
					$sql .= "(" .
						 intval($id_profile).", " .
						 intval($id_tabs[$i]).", " .
						 0 .", " .
						 0 .", " .
						 0 .", " .
						 0 .
						"),";
					
			}
		}
		elseif(is_array($id_profile)){
			$sql = "INSERT INTO gtb_access " .
					"( id_profile, id_tab, " .
					"`view`, `add`, `edit`, `delete`) " .
					"VALUES ";
			for($i = 0; $i < count($id_profile); $i++){
				//$category = $categories[$i];
				if($id_profile[$i] == 1)
					$sql .= "(" .
						 intval($id_profile[$i]).", " .
						 intval($id_tabs).", " .
						 1 .", " .
						 1 .", " .
						 1 .", " .
						 1 .
						"),";
				else
					$sql .= "(" .
						 intval($id_profile[$i]).", " .
						 intval($id_tabs).", " .
						 0 .", " .
						 0 .", " .
						 0 .", " .
						 0 .
						"),";
					
			}
		}
		
		$sql = substr($sql, 0, strlen($sql)-1);
		$this->db->query($sql);
		return $this->db->affected_rows(); 
		//return $this->db->insert_id();
	}
		
	function update($access){
		$sql = "UPDATE gtb_access 
				SET ".
				"`view` = " .  intval($access->view) . "," .
				"`add` = " .  intval($access->add) . "," .
				"`delete` = " .  intval($access->delete) . "," .
				"`edit` = " .  intval($access->edit)  .
				" WHERE id_profile = " .intval($access->id_profile) . " AND id_tab = " . intval($access->id_tab);
		$this->db->query($sql);
		return $this->db->affected_rows();
	}
	
	function getAllByProfile($id_profile, $id_parent_tab){
		$sql = 'SELECT a.id_tab, a.id_profile, t.vi_name, t.en_name, t2.vi_name parent_name, t.class_name
				FROM gtb_access a
				INNER JOIN gtb_tab t ON a.id_tab = t.id_tab
				LEFT JOIN gtb_tab t2 ON t.id_parent_tab = t2.id_tab
				WHERE a.id_profile = ' . intval($id_profile) .
						' AND t.id_parent_tab = ' .intval($id_parent_tab);
		$query = $this->db->query($sql);
		if($result = $query->result()){
			return $result;
		}
       
		return null;
	}
	
	function getByProfile($id_profile){
		$sql = 'SELECT *
				FROM gtb_access 
				WHERE id_profile = ' . intval($id_profile);
		$query = $this->db->query($sql);
		if($result = $query->result()){
			return $result;
		}
       
		return null;
	}
		
	function getById($id_profile, $id_tab){
		
		$sql = 'SELECT *
				FROM gtb_access 
				WHERE id_profile = ' . intval($id_profile) . ' AND id_tab = ' .intval($id_tab);
		$query = $this->db->query($sql);
		if($result = $query->result()){
			return $result[0];
		}
       
		return null;
	}
	
	function checkAccess($id_profile, $class_name, $action){
		
		$sql = 'SELECT a.*
				FROM gtb_access a
				INNER JOIN gtb_tab t ON (t.id_tab = a.id_tab AND class_name= '.$this->db->escape($class_name).')
				WHERE id_profile = ' . intval($id_profile) . ' AND a.`' . $action . '`=1';
		$query = $this->db->query($sql);
		if($result = $query->result()){
			return $result[0];
		}
       
		return null;
	}
		
}

// EOF
